Archive

Your home router could be part of a network used to knock sites like Sony PlayStation network offline.

During Christmas we reported that a hacker group calling themselves the Lizard Squad, took responsibility for ruining the day for Sony PlayStation and Microsoft Xbox users by taking the gaming networks offline. This and previous attacks, which included a bomb threat directed at an American Airlines flight with Sony Entertainment president John Smedley on board, have been revealed to be a marketing campaign to advertise a new product available for rent to anyone who wants to cause a Denial-of-Service (DDoS) attack to the target of their choice.

I’m not a hacker. Why should I care?

You may not be a hacker, but the power for this service could be coming from your home office! Security blogger, Brian Krebs, whose own site was attacked, found out that the network of infected devices that powers the Product-That-Must-Not-Be-Named (that’s because Lizard Squad gleefully thanked Brian for the publicity on their Twitter account) is made up mostly of compromised home routers. On that same Twitter account, Lizard Squad said that they are using 250-500k infected routers.

These are the devices in everyone’s home that we warned you about in our blog, Your home network is at risk of cybersecurity attacks. Most people neglect the security of these devices by using the default user name and password that comes from the manufacturer out-of-the-box.

Our research determined that nearly 80% of all home routers in use today are thinly protected by common, easily hacked passwords, making routers an easy entry point to the home network for hackers,” said Avast Software’s CEO, Vincent Steckler.

Lizard Squad has just proven that point.

Today’s router security situation is very reminiscent of PCs in the 1990s, with lax attitudes towards security combined with new vulnerabilities being discovered every day creating an easily exploitable environment, “ Steckler said. “The main difference is people have much more personal information stored on their devices today than they did back then. Consumers need strong yet simple-to-use tools that can prevent attacks before they happen.”

How to protect your home router

Start by scanning you home network with Avast’s Home Network Security Solution.

Open the Avast user interface, click Scan from the menu on the left, then choose Scan for network threats. Avast will take a look at your router and report back any issues. In most cases, if there is an issue to be addressed, then it will direct you to your router manufacturer’s website.

The Home Network Security Solution is available in free and paid versions of Avast 2015. Get it at www.avast.com.

Earlier this month, as the Sony Entertainment breach was making headlines, Sony’s PlayStation Network (PSN) was knocked offline due to an alleged hacking attack. On Christmas morning, just as kids everywhere were unwrapping their new PlayStation and Xboxes, the PSN and Microsoft’s Xbox Live network were both disrupted leading to speculation that they were once again hacked. A group calling themselves Lizard Squad claiming responsibility for the attacks via Twitter.

As of now, PlayStation is still offline and PSN is directing users to their @AskPlayStation Twitter account for updates.

Please follow @AskPlayStation to get the latest updates as we work to restore full network functionality.

Poor Sony. They are getting it from all directions these days. On Sunday, the PlayStation Network, the online store for games, movies, and TV shows, suffered a hacker attack and was knocked offline. Visitors to the store got a message that said, ‘Page Not Found! It’s not you. It’s the Internet’s fault.’ I just visited the page, and got this same message, so reports that it was up again, were at best, temporary – at least for some of us.

Sony tweeted yesterday that they were investigating.

We are aware that users are having issues connecting to PSN. Thanks for your patience as we investigate.

During the Xbox hack, Lizard Squad promised that attacks would continue until Christmas.

This attack comes on the heels of news recently that Sony Pictures’ corporate network was infiltrated by cybercrooks which resulted in the theft of 100 terabytes of confidential employee data, business documents, and unreleased films. It was speculated that North Korean hackers were behind the attack due to the upcoming release of the movie “The Interview,” which is about an attempted assassination of Kim Jong-Un. The North Korean government denied responsibility for the attack on Sunday. The attack has since been traced to a luxury hotel in Bangkok, and is being investigated.

The two attacks appear to be unrelated.

Avast Software’s security applications for PC, Mac, and Android are trusted by more than 200-million people and businesses.Please follow us on Facebook, Twitter and Google+.

The majority of mobile malware AVAST has in its database comes from unofficial app stores. As we wrote about in The Fine Line between Malicious and Innocent Apps, infiltrating official app markets like Google Play is rather difficult. Therefore, it is very likely that mobile malware authors will look for other ways to hack mobile devices, which contain a plethora of valuable and sensitive information.

App servers and base transceiver stations (BTS), which enable communication between mobile networks and devices, will most likely be targeted next by mobile hackers. Man-in-the-middle attacks via app servers mean that mobile hackers may redirect communication between mobile app users and the app’s server or infect app users’ by pushing malware onto user devices via the apps on their devices.

Mobile operators should be prepared for a BTS attack, as this may be possible in the near future. Not only would hackers be able to spread malware to mobile users via a BTS attack, but infected BTS could re-route all incoming mobile data.

Another possibility is that hackers could intercept communication between mobile users and app servers. Hackers could retrieve banking details if they intercept the communication between a user completing a transaction using a mobile banking app.

Mobile malware is in its infancy; at the moment comparable to a toddler. Mobile users, security providers, app markets, and mobile operators should brace themselves for the teenage version of mobile attacks.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter and Google+. Business owners – check out our business products.

With this latest security breach, AVAST encourages consumers to take necessary precautions. Change your passwords immediately and if you’re using the same password somewhere else, you must change it there, too. Choose complex passwords so it will be more difficult for hackers to de-encrypt them. In general, we recommend changing passwords every three to six months, or after news of a breach.

If financial and credit card data is compromised in an online threat, AVAST advises users to monitor and check their accounts for unauthorized charges and to immediately report any suspicious activities to their bank or card provider.

Interested in reading more?

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter and Google+. Business owners – check out our business products.

Hackers use weak passwords just like the rest of us.

Nearly two thousand passwords used by hackers were leaked this week, when I tried to decode a PHP shell without knowing the key. Because I did not know the exact content of the encoded file and searching the key could take me years, I chose a different approach. I decided to find out how strong passwords used by hackers are and create a dictionary.

Over the years of fighting malware, the avast! Virus Lab has gathered many samples of various back-doors, bots and shells. Some of them are protected with a password encoded in MD5, SHA1 or in plain text, so it was good way to start. I looked at 40,000 samples of hackers’ passwords and found that nearly 2,000 were unique and 1,255 of those were in plain text. Another 346 passwords were easily cracked from MD5 hashes, because they were shorter than 9 characters. That gave me a total of 1,601 passwords and 300 hashes. I created statistics from those words, and here are my findings.

Passwords that nobody will guess

About 10% of the passwords were beyond normal capabilities of guessing or cracking. Of those, I found words as long as 75 characters, probably generated by a computer. Some of them were in long sentence form mixed with special characters such as lol dont try cracking 12 char+. Too bad it was stored in plain text.

There were also passwords that don’t use characters from an English keyboard. But there was still a 90% chance it could be a normal word, maybe with some number in it. No less than 9% of the passwords could be found in an English dictionary.

The table on the right shows which characters are used in hackers’ passwords. The first row means that 58% of passwords contained only lower-case alphabet characters a-z. Read more…

Auction giant eBay requests 128 million users to change their passwords after hack.

In a blog post from the company, eBay Inc. said a cyberattack “compromised a database containing encrypted passwords and other non-financial data.” There is no evidence that the compromise resulted in users’ financial or credit card information being stolen, but the company is telling all users to change their passwords.

Users need to be alert even after their passwords have been changed. After a breach like this the risk that hackers will use their personal information to commit identity fraud and launch phishing attacks increases. As always, do not click on links in emails, or give personal information over the phone. If you need to discuss your account information, please contact eBay’s customer service by phone or via their website.

“The eBay breach is yet another password issue like Heartbleed. It is really important that people take this seriously, ” said Ondrej Vlcek, Chief Operating Officer of AVAST Software. “Data from our recent survey shows that nine out of ten people intended to change their passwords after Heartbleed, but only 40% took action. This careless attitude is completely irresponsible; people have to take the initiative to protect themselves.”

Two weeks ago, eBay discovered that cyberattackers broke into their corporate network through a small number of employee log in credentials. They revealed that the database was actually compromised in late February and early March, and included eBay customers’ name, encrypted password, email address, physical address, phone number and date of birth. However, the database did not contain financial information or other confidential personal information.

Another eBay compromise yesterday

Yesterday in an unrelated attack, eBay’s UK and French advertisement network was compromised and showed fake Java and Flash updates. This malicious advertising replaced the visited page and an installer offered a Potentially Unwanted Program (PUP). As of last night, they were working to resolve the issue. avast! Antivirus detected the compromise and alerted users.

“Third party ad networks are useful to attackers because the number of connections delays taking malicious content down,” explained Honza Zika, malware analyst in the avast! Virus Lab. “Instead of a normal ad, the attacker deploys a code that redirects to the attacker’s page. It’s designed to look like an official Flash or Java page, but installs unwanted toolbars, addons, extensions or other PUPs. avast! detected this and protected our users.”

Thanks to independent researcher Malekal for his work on this compromise. Read more on his blog.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter and Google+. Business owners – check out our business products.

A major Apple security flaw allows cybercrooks and spies to grab personal information like email, credit card numbers, and other sensitive data. Apple confirmed researchers’ findings that the same SSL/TSL security flaw fixed with the latest iOS 7.0.2 update is also present in notebook and desktop machines running OS X.

It is clear that we need constant protection to cover flaws that will always exist; flaws that we are not even aware of. Reuter‘s reported that

The bug has been present for months, according to researchers who tested earlier versions of Apple’s software. No one had publicly reported it before, which means that any knowledge of it was tightly held and that there is a chance it hadn’t been used.

But documents leaked by former U.S. intelligence contractor Edward Snowden showed agents boasting that they could break into any iPhone, and that hadn’t been public knowledge either.

It’s very public now, and that means the race is on between cybercrooks to exploit the flaw and Apple to fix it. You are exposed until the bugs are identified by the vendor, a patch is created, and it’s pushed out or you install it. Your vulnerability increases when you use public WiFi Hotspots.

Your best protection is constant protection

It’s precisely because we put ourselves at risk by using free WiFi, and we don’t know when the next security crisis is coming that we need constant protection. SecureLine VPN is that protection. Read more…

Update: The new eBay hack has customers changing passwords again. If you’re sick of changing your password every month after yet another breach, it’s time to consider a password management program like avast! Easy Pass.

The massive hack against Target, in which 40 million credit and debit card numbers were stolen, began with stolen login credentials from the air-conditioning repairman. This illustrates the old adage, “a chain is only as strong as its weakest link.”

While consumers can’t control why a third party contractor would have external network access at a major retailer, there are some things you can do to protect yourself.

How can I be notified if my email address or password was hacked?

Every two seconds in the US, someone becomes a victim of identity fraud. With 13.1 million victims last year and multiple companies (Facebook, Target, Neiman Marcus, Adobe) being exploited, there is a good chance you could be among them. You can use the have i been pwned notification service to learn if your email address was included in a large data breach. This service allows you to enter an email address and will notify you if your address appears in any databases added to the service. I learned that my email address was stolen from the Adobe breach, but thankfully, I haven’t been notified of anything else.

What’s your weakest link?

You can’t stop shopping, but there are things you can do (other than paying cash only) if you’ve become the victim of hacking.

1. Change your passwords We’ve talked about it plenty of times, but here’s a reminder: Make passwords long and strong. Combine capital and lowercase letters with numbers and symbols to create a more secure password. eNcrYP0123tion$ is stronger than Encryption123. If you can’t remember different passwords for all the accounts you have, use a password manager like avast! EasyPass.Read more…

If you are one of the thousands of visitors headed to Sochi, Russia for Friday’s 2014 Winter Olympics opening ceremony then you will be hacked. Richard Engel, from NBC news, reported that it’s not if you get hacked, it’s when, and he discovered that it starts from the moment you turn on your device.

In an experiment conducted by NBC Nightly News, their just out-of-the-box computer and smartphone were hacked in seconds while in Sochi. “The State Department warns that travelers should have no expectation of privacy; even in their hotel rooms. And as we found out, you are especially exposed as soon as you try and communicate with anything,” reported Engel.

“As tourists and families of athletes arrive in Sochi…if they fire up their phones at baggage claim, it’s probably too late to save the integrity of their electronics and everything inside them. Visitors to Russia can expect to be hacked,” said NBC’s anchorman Brian Williams as he introduced the report.

Watch the video report of NBC’s experiment (there’s an ad first, so give it a few seconds):

Protect yourself with avast! SecureLine VPN

Wherever you travel – whether to Sochi or your neighborhood coffee shop – you are sure to use public WiFi, which is full of security risks. That’s why we came up with a solution - have avast! SecureLine VPN installed on your devices. avast! SecureLine is available for PCs, and just recently we released avast! SecureLine for Android and iOS devices.

How to get avast! SecureLine

avast! SecureLine for PC is available as an add-on to avast! Antivirus. Get it from our website, or open the AVAST interface, click on the Store tab and get a free trial or one-month, one-year, ortwo-year subscription.

avast! SecureLine VPN for your smartphone or tablet is available as a monthly or yearly subscription for Android on Google Play and for iOS in the Apple App Store.

UPDATE: NBC has taken some criticism for the story since this report, with claims that it was misleading and promoted scaremongering. The experts they worked with released a white paper describing how each new device, without the protection of antivirus software, was compromised. NBC responded by stating that their experiment was designed to “show in general how easily a non-expert can fall victim.”

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter and Google+. Business owners – check out our business products.